This page documents the language specification for the aws package. If you're looking for help working with the inputs, outputs, or functions of aws resources in a Pulumi program, please see the resource documentation for examples and API reference.

directoryservice¶

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-aws repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-aws repo.

class pulumi_aws.directoryservice.AwaitableGetDirectoryResult(access_url=None, alias=None, connect_settings=None, description=None, directory_id=None, dns_ip_addresses=None, edition=None, enable_sso=None, id=None, name=None, security_group_id=None, short_name=None, size=None, tags=None, type=None, vpc_settings=None)¶

class pulumi_aws.directoryservice.ConditionalForwader(resource_name, opts=None, directory_id=None, dns_ips=None, remote_domain_name=None, __props__=None, __name__=None, __opts__=None)¶

Provides a conditional forwarder for managed Microsoft AD in AWS Directory Service.

import pulumi
import pulumi_aws as aws

example = aws.directoryservice.ConditionalForwader("example",
    directory_id=aws_directory_service_directory["ad"]["id"],
    dns_ips=[
        "8.8.8.8",
        "8.8.4.4",
    ],
    remote_domain_name="example.com")

Parameters

resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
directory_id (pulumi.Input[str]) – The id of directory.
dns_ips (pulumi.Input[list]) – A list of forwarder IP addresses.
remote_domain_name (pulumi.Input[str]) – The fully qualified domain name of the remote domain for which forwarders will be used.

directory_id: pulumi.Output[str] = None¶: The id of directory.

dns_ips: pulumi.Output[list] = None¶: A list of forwarder IP addresses.

remote_domain_name: pulumi.Output[str] = None¶: The fully qualified domain name of the remote domain for which forwarders will be used.

static get(resource_name, id, opts=None, directory_id=None, dns_ips=None, remote_domain_name=None)¶

Get an existing ConditionalForwader resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters

resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
directory_id (pulumi.Input[str]) – The id of directory.
dns_ips (pulumi.Input[list]) – A list of forwarder IP addresses.
remote_domain_name (pulumi.Input[str]) – The fully qualified domain name of the remote domain for which forwarders will be used.

translate_output_property(prop)¶

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters: prop (str) – A property name.
Returns: A potentially transformed property name.
Return type: str

translate_input_property(prop)¶

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters: prop (str) – A property name.
Returns: A potentially transformed property name.
Return type: str

class pulumi_aws.directoryservice.Directory(resource_name, opts=None, alias=None, connect_settings=None, description=None, edition=None, enable_sso=None, name=None, password=None, short_name=None, size=None, tags=None, type=None, vpc_settings=None, __props__=None, __name__=None, __opts__=None)¶

Provides a Simple or Managed Microsoft directory in AWS Directory Service.

Note: All arguments including the password and customer username will be stored in the raw state as plain-text.

import pulumi
import pulumi_aws as aws

main = aws.ec2.Vpc("main", cidr_block="10.0.0.0/16")
foo = aws.ec2.Subnet("foo",
    availability_zone="us-west-2a",
    cidr_block="10.0.1.0/24",
    vpc_id=main.id)
bar_subnet = aws.ec2.Subnet("barSubnet",
    availability_zone="us-west-2b",
    cidr_block="10.0.2.0/24",
    vpc_id=main.id)
bar_directory = aws.directoryservice.Directory("barDirectory",
    password="SuperSecretPassw0rd",
    size="Small",
    tags={
        "Project": "foo",
    },
    vpc_settings={
        "subnet_ids": [
            foo.id,
            bar_subnet.id,
        ],
        "vpc_id": main.id,
    })

import pulumi
import pulumi_aws as aws

main = aws.ec2.Vpc("main", cidr_block="10.0.0.0/16")
foo = aws.ec2.Subnet("foo",
    availability_zone="us-west-2a",
    cidr_block="10.0.1.0/24",
    vpc_id=main.id)
bar_subnet = aws.ec2.Subnet("barSubnet",
    availability_zone="us-west-2b",
    cidr_block="10.0.2.0/24",
    vpc_id=main.id)
bar_directory = aws.directoryservice.Directory("barDirectory",
    edition="Standard",
    password="SuperSecretPassw0rd",
    tags={
        "Project": "foo",
    },
    type="MicrosoftAD",
    vpc_settings={
        "subnet_ids": [
            foo.id,
            bar_subnet.id,
        ],
        "vpc_id": main.id,
    })

import pulumi
import pulumi_aws as aws

main = aws.ec2.Vpc("main", cidr_block="10.0.0.0/16")
foo = aws.ec2.Subnet("foo",
    availability_zone="us-west-2a",
    cidr_block="10.0.1.0/24",
    vpc_id=main.id)
bar = aws.ec2.Subnet("bar",
    availability_zone="us-west-2b",
    cidr_block="10.0.2.0/24",
    vpc_id=main.id)
connector = aws.directoryservice.Directory("connector",
    connect_settings={
        "customerDnsIps": ["A.B.C.D"],
        "customerUsername": "Admin",
        "subnet_ids": [
            foo.id,
            bar.id,
        ],
        "vpc_id": main.id,
    },
    password="SuperSecretPassw0rd",
    size="Small",
    type="ADConnector")

Parameters

resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
alias (pulumi.Input[str]) – The alias for the directory (must be unique amongst all aliases in AWS). Required for enable_sso.
connect_settings (pulumi.Input[dict]) – Connector related information about the directory. Fields documented below.
description (pulumi.Input[str]) – A textual description for the directory.
edition (pulumi.Input[str]) – The MicrosoftAD edition (Standard or Enterprise). Defaults to Enterprise (applies to MicrosoftAD type only).
enable_sso (pulumi.Input[bool]) – Whether to enable single-sign on for the directory. Requires alias. Defaults to false.
name (pulumi.Input[str]) – The fully qualified name for the directory, such as corp.example.com
password (pulumi.Input[str]) – The password for the directory administrator or connector user.
short_name (pulumi.Input[str]) – The short name of the directory, such as CORP.
size (pulumi.Input[str]) – The size of the directory (Small or Large are accepted values).
tags (pulumi.Input[dict]) – A map of tags to assign to the resource.
type (pulumi.Input[str]) – The directory type (SimpleAD, ADConnector or MicrosoftAD are accepted values). Defaults to SimpleAD.
vpc_settings (pulumi.Input[dict]) – VPC related information about the directory. Fields documented below.

The connect_settings object supports the following:

availability_zones (pulumi.Input[list])
connectIps (pulumi.Input[list]) - The IP addresses of the AD Connector servers.
customerDnsIps (pulumi.Input[list]) - The DNS IP addresses of the domain to connect to.
customerUsername (pulumi.Input[str]) - The username corresponding to the password provided.
subnet_ids (pulumi.Input[list]) - The identifiers of the subnets for the directory servers (2 subnets in 2 different AZs).
vpc_id (pulumi.Input[str]) - The identifier of the VPC that the directory is in.

The vpc_settings object supports the following:

availability_zones (pulumi.Input[list])
subnet_ids (pulumi.Input[list]) - The identifiers of the subnets for the directory servers (2 subnets in 2 different AZs).
vpc_id (pulumi.Input[str]) - The identifier of the VPC that the directory is in.

access_url: pulumi.Output[str] = None¶: The access URL for the directory, such as http://alias.awsapps.com.

alias: pulumi.Output[str] = None¶: The alias for the directory (must be unique amongst all aliases in AWS). Required for enable_sso.

connect_settings: pulumi.Output[dict] = None¶

Connector related information about the directory. Fields documented below.

availability_zones (list)
connectIps (list) - The IP addresses of the AD Connector servers.
customerDnsIps (list) - The DNS IP addresses of the domain to connect to.
customerUsername (str) - The username corresponding to the password provided.
subnet_ids (list) - The identifiers of the subnets for the directory servers (2 subnets in 2 different AZs).
vpc_id (str) - The identifier of the VPC that the directory is in.

description: pulumi.Output[str] = None¶: A textual description for the directory.

dns_ip_addresses: pulumi.Output[list] = None¶: A list of IP addresses of the DNS servers for the directory or connector.

edition: pulumi.Output[str] = None¶: The MicrosoftAD edition (Standard or Enterprise). Defaults to Enterprise (applies to MicrosoftAD type only).

enable_sso: pulumi.Output[bool] = None¶: Whether to enable single-sign on for the directory. Requires alias. Defaults to false.

name: pulumi.Output[str] = None¶: The fully qualified name for the directory, such as corp.example.com

password: pulumi.Output[str] = None¶: The password for the directory administrator or connector user.

security_group_id: pulumi.Output[str] = None¶: The ID of the security group created by the directory.

short_name: pulumi.Output[str] = None¶: The short name of the directory, such as CORP.

size: pulumi.Output[str] = None¶: The size of the directory (Small or Large are accepted values).

tags: pulumi.Output[dict] = None¶: A map of tags to assign to the resource.

type: pulumi.Output[str] = None¶: The directory type (SimpleAD, ADConnector or MicrosoftAD are accepted values). Defaults to SimpleAD.

vpc_settings: pulumi.Output[dict] = None¶

VPC related information about the directory. Fields documented below.

availability_zones (list)
subnet_ids (list) - The identifiers of the subnets for the directory servers (2 subnets in 2 different AZs).
vpc_id (str) - The identifier of the VPC that the directory is in.

static get(resource_name, id, opts=None, access_url=None, alias=None, connect_settings=None, description=None, dns_ip_addresses=None, edition=None, enable_sso=None, name=None, password=None, security_group_id=None, short_name=None, size=None, tags=None, type=None, vpc_settings=None)¶

Get an existing Directory resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters

resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
access_url (pulumi.Input[str]) – The access URL for the directory, such as http://alias.awsapps.com.
alias (pulumi.Input[str]) – The alias for the directory (must be unique amongst all aliases in AWS). Required for enable_sso.
connect_settings (pulumi.Input[dict]) – Connector related information about the directory. Fields documented below.
description (pulumi.Input[str]) – A textual description for the directory.
dns_ip_addresses (pulumi.Input[list]) – A list of IP addresses of the DNS servers for the directory or connector.
edition (pulumi.Input[str]) – The MicrosoftAD edition (Standard or Enterprise). Defaults to Enterprise (applies to MicrosoftAD type only).
enable_sso (pulumi.Input[bool]) – Whether to enable single-sign on for the directory. Requires alias. Defaults to false.
name (pulumi.Input[str]) – The fully qualified name for the directory, such as corp.example.com
password (pulumi.Input[str]) – The password for the directory administrator or connector user.
security_group_id (pulumi.Input[str]) – The ID of the security group created by the directory.
short_name (pulumi.Input[str]) – The short name of the directory, such as CORP.
size (pulumi.Input[str]) – The size of the directory (Small or Large are accepted values).
tags (pulumi.Input[dict]) – A map of tags to assign to the resource.
type (pulumi.Input[str]) – The directory type (SimpleAD, ADConnector or MicrosoftAD are accepted values). Defaults to SimpleAD.
vpc_settings (pulumi.Input[dict]) – VPC related information about the directory. Fields documented below.

The connect_settings object supports the following:

availability_zones (pulumi.Input[list])
connectIps (pulumi.Input[list]) - The IP addresses of the AD Connector servers.
customerDnsIps (pulumi.Input[list]) - The DNS IP addresses of the domain to connect to.
customerUsername (pulumi.Input[str]) - The username corresponding to the password provided.
subnet_ids (pulumi.Input[list]) - The identifiers of the subnets for the directory servers (2 subnets in 2 different AZs).
vpc_id (pulumi.Input[str]) - The identifier of the VPC that the directory is in.

The vpc_settings object supports the following:

availability_zones (pulumi.Input[list])
subnet_ids (pulumi.Input[list]) - The identifiers of the subnets for the directory servers (2 subnets in 2 different AZs).
vpc_id (pulumi.Input[str]) - The identifier of the VPC that the directory is in.

translate_output_property(prop)¶

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters: prop (str) – A property name.
Returns: A potentially transformed property name.
Return type: str

translate_input_property(prop)¶

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters: prop (str) – A property name.
Returns: A potentially transformed property name.
Return type: str

class pulumi_aws.directoryservice.GetDirectoryResult(access_url=None, alias=None, connect_settings=None, description=None, directory_id=None, dns_ip_addresses=None, edition=None, enable_sso=None, id=None, name=None, security_group_id=None, short_name=None, size=None, tags=None, type=None, vpc_settings=None)¶

A collection of values returned by getDirectory.

access_url = None¶: The access URL for the directory/connector, such as http://alias.awsapps.com.

alias = None¶: The alias for the directory/connector, such as d-991708b282.awsapps.com.

description = None¶: A textual description for the directory/connector.

dns_ip_addresses = None¶: A list of IP addresses of the DNS servers for the directory/connector.

edition = None¶: (for MicrosoftAD) The Microsoft AD edition (Standard or Enterprise).

enable_sso = None¶: The directory/connector single-sign on status.

id = None¶: The provider-assigned unique ID for this managed resource.

name = None¶: The fully qualified name for the directory/connector.

security_group_id = None¶: The ID of the security group created by the directory/connector.

short_name = None¶: The short name of the directory/connector, such as CORP.

size = None¶: (for SimpleAD and ADConnector) The size of the directory/connector (Small or Large).

tags = None¶: A map of tags assigned to the directory/connector.

type = None¶: The directory type (SimpleAD, ADConnector or MicrosoftAD).

class pulumi_aws.directoryservice.LogService(resource_name, opts=None, directory_id=None, log_group_name=None, __props__=None, __name__=None, __opts__=None)¶

Provides a Log subscription for AWS Directory Service that pushes logs to cloudwatch.

import pulumi
import pulumi_aws as aws

example_log_group = aws.cloudwatch.LogGroup("exampleLogGroup", retention_in_days=14)
ad_log_policy_policy_document = example_log_group.arn.apply(lambda arn: aws.iam.get_policy_document(statements=[{
    "actions": [
        "logs:CreateLogStream",
        "logs:PutLogEvents",
    ],
    "effect": "Allow",
    "principals": [{
        "identifiers": ["ds.amazonaws.com"],
        "type": "Service",
    }],
    "resources": [arn],
}]))
ad_log_policy_log_resource_policy = aws.cloudwatch.LogResourcePolicy("ad-log-policyLogResourcePolicy",
    policy_document=ad_log_policy_policy_document.json,
    policy_name="ad-log-policy")
example_log_service = aws.directoryservice.LogService("exampleLogService",
    directory_id=aws_directory_service_directory["example"]["id"],
    log_group_name=example_log_group.name)

Parameters

resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
directory_id (pulumi.Input[str]) – The id of directory.
log_group_name (pulumi.Input[str]) – Name of the cloudwatch log group to which the logs should be published. The log group should be already created and the directory service principal should be provided with required permission to create stream and publish logs. Changing this value would delete the current subscription and create a new one. A directory can only have one log subscription at a time.

directory_id: pulumi.Output[str] = None¶: The id of directory.

log_group_name: pulumi.Output[str] = None¶: Name of the cloudwatch log group to which the logs should be published. The log group should be already created and the directory service principal should be provided with required permission to create stream and publish logs. Changing this value would delete the current subscription and create a new one. A directory can only have one log subscription at a time.

static get(resource_name, id, opts=None, directory_id=None, log_group_name=None)¶

Get an existing LogService resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters

resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
directory_id (pulumi.Input[str]) – The id of directory.
log_group_name (pulumi.Input[str]) – Name of the cloudwatch log group to which the logs should be published. The log group should be already created and the directory service principal should be provided with required permission to create stream and publish logs. Changing this value would delete the current subscription and create a new one. A directory can only have one log subscription at a time.

translate_output_property(prop)¶

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters: prop (str) – A property name.
Returns: A potentially transformed property name.
Return type: str

translate_input_property(prop)¶

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters: prop (str) – A property name.
Returns: A potentially transformed property name.
Return type: str

pulumi_aws.directoryservice.get_directory(directory_id=None, tags=None, opts=None)¶

Get attributes of AWS Directory Service directory (SimpleAD, Managed AD, AD Connector). It’s especially useful to refer AWS Managed AD or on-premise AD in AD Connector configuration.

import pulumi
import pulumi_aws as aws

example = aws.directoryservice.get_directory(directory_id=aws_directory_service_directory["main"]["id"])

Parameters

directory_id (str) – The ID of the directory.
tags (dict) – A map of tags assigned to the directory/connector.

The Pulumi Platform

Get Started

Migrate to Pulumi

Solutions for All Teams and Engineers

Any Code

Any Cloud

directoryservice¶

On This Page